noumen 0.6.0 → 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +237 -93
- package/dist/a2a/index.d.ts +5 -7
- package/dist/a2a/index.js +3 -4
- package/dist/a2a/index.js.map +1 -1
- package/dist/acp/index.d.ts +5 -7
- package/dist/acp/index.js +0 -1
- package/dist/acp/index.js.map +1 -1
- package/dist/{agent-DWE4_P5X.d.ts → agent-D0gl-qYi.d.ts} +89 -34
- package/dist/{chunk-6MMYCGJQ.js → chunk-5HY4IYNT.js} +1529 -2321
- package/dist/chunk-5HY4IYNT.js.map +1 -0
- package/dist/chunk-BC5BLWBC.js +21 -0
- package/dist/chunk-BC5BLWBC.js.map +1 -0
- package/dist/{chunk-XZN4QZLK.js → chunk-CX4BL6PC.js} +25 -15
- package/dist/chunk-CX4BL6PC.js.map +1 -0
- package/dist/{chunk-5GEX6ZSB.js → chunk-HQISH4D7.js} +60 -1
- package/dist/chunk-HQISH4D7.js.map +1 -0
- package/dist/{chunk-Y45R3PQL.js → chunk-NUCJXOUV.js} +32 -18
- package/dist/{chunk-Y45R3PQL.js.map → chunk-NUCJXOUV.js.map} +1 -1
- package/dist/chunk-OPFFLQZL.js +40 -0
- package/dist/chunk-OPFFLQZL.js.map +1 -0
- package/dist/chunk-PDEAJ272.js +660 -0
- package/dist/chunk-PDEAJ272.js.map +1 -0
- package/dist/chunk-PKHLGGEC.js +115 -0
- package/dist/chunk-PKHLGGEC.js.map +1 -0
- package/dist/chunk-XQTNXRE7.js +176 -0
- package/dist/chunk-XQTNXRE7.js.map +1 -0
- package/dist/chunk-XZPAA5TO.js +817 -0
- package/dist/chunk-XZPAA5TO.js.map +1 -0
- package/dist/cli/index.js +77 -42
- package/dist/cli/index.js.map +1 -1
- package/dist/client/index.d.ts +1 -2
- package/dist/client/index.js +0 -2
- package/dist/client/index.js.map +1 -1
- package/dist/client-JJFLE6RT.js +9 -0
- package/dist/{computer-BPdxSo6X.d.ts → computer-DzMR92tK.d.ts} +1 -1
- package/dist/docker.d.ts +2 -2
- package/dist/docker.js +0 -1
- package/dist/docker.js.map +1 -1
- package/dist/e2b.d.ts +2 -2
- package/dist/e2b.js +0 -1
- package/dist/e2b.js.map +1 -1
- package/dist/freestyle.d.ts +2 -2
- package/dist/freestyle.js +0 -1
- package/dist/freestyle.js.map +1 -1
- package/dist/{headless-FFU2DESQ.js → headless-25DU4MJQ.js} +1 -3
- package/dist/{headless-FFU2DESQ.js.map → headless-25DU4MJQ.js.map} +1 -1
- package/dist/{history-snip-64GYP4ZL.js → history-snip-HAWNAYKY.js} +1 -2
- package/dist/index.d.ts +351 -72
- package/dist/index.js +54 -55
- package/dist/jsonrpc/index.js +0 -1
- package/dist/local.d.ts +168 -0
- package/dist/local.js +40 -0
- package/dist/local.js.map +1 -0
- package/dist/lsp/index.d.ts +4 -5
- package/dist/lsp/index.js +0 -1
- package/dist/{lsp-PS3BWIHC.js → lsp-3APWNKB2.js} +1 -2
- package/dist/{manager-DLXK63XC.js → manager-Z5EQ7YYV.js} +1 -2
- package/dist/mcp/index.d.ts +16 -8
- package/dist/mcp/index.js +5 -6
- package/dist/mcp/index.js.map +1 -1
- package/dist/{mcp-auth-AEI2R4ZC.js → mcp-auth-NOIQPF7W.js} +1 -2
- package/dist/{provider-factory-TUHU3DIG.js → provider-factory-KNBSHXJ6.js} +3 -3
- package/dist/{render-GRN4ZSSW.js → render-4VEODRK7.js} +1 -2
- package/dist/{resolve-6KUZNEYW.js → resolve-AGQZFMKD.js} +3 -3
- package/dist/sandbox-DAqQo0Tj.d.ts +49 -0
- package/dist/sandbox-index-ODNREIFA.js +32 -0
- package/dist/sandbox-index-ODNREIFA.js.map +1 -0
- package/dist/server/index.d.ts +18 -7
- package/dist/server/index.js +9 -5
- package/dist/server/index.js.map +1 -1
- package/dist/{server-BzNGKTP6.d.ts → server-DFXdlqyX.d.ts} +1 -1
- package/dist/{spinner-OJNR6NFO.js → spinner-72JEISPK.js} +1 -2
- package/dist/sprites.d.ts +2 -2
- package/dist/sprites.js +0 -1
- package/dist/sprites.js.map +1 -1
- package/dist/ssh.d.ts +2 -2
- package/dist/ssh.js +0 -1
- package/dist/ssh.js.map +1 -1
- package/dist/{types-DhXwOQwD.d.ts → types-BX4ALqoN.d.ts} +76 -4
- package/dist/{types-kiGBF35b.d.ts → types-DLZNyF5t.d.ts} +125 -1
- package/dist/unsandboxed.d.ts +59 -0
- package/dist/unsandboxed.js +32 -0
- package/dist/unsandboxed.js.map +1 -0
- package/dist/{uuid-RVN2T26F.js → uuid-CVTNAPEB.js} +1 -2
- package/dist/{zod-7YXKWYMC.js → zod-VKURGPRT.js} +1 -2
- package/package.json +35 -50
- package/dist/cache-BlBwXXPS.d.ts +0 -38
- package/dist/chunk-5GEX6ZSB.js.map +0 -1
- package/dist/chunk-6MMYCGJQ.js.map +0 -1
- package/dist/chunk-7IQCQI2G.js +0 -94
- package/dist/chunk-7IQCQI2G.js.map +0 -1
- package/dist/chunk-CCM2AXZG.js +0 -16
- package/dist/chunk-CCM2AXZG.js.map +0 -1
- package/dist/chunk-DGUM43GV.js +0 -11
- package/dist/chunk-HEQQQGK5.js +0 -131
- package/dist/chunk-HEQQQGK5.js.map +0 -1
- package/dist/chunk-I3JTUFPK.js +0 -171
- package/dist/chunk-I3JTUFPK.js.map +0 -1
- package/dist/chunk-XZN4QZLK.js.map +0 -1
- package/dist/chunk-ZXSDKBYB.js +0 -474
- package/dist/chunk-ZXSDKBYB.js.map +0 -1
- package/dist/client-CRRO2376.js +0 -10
- package/dist/providers/anthropic.d.ts +0 -19
- package/dist/providers/anthropic.js +0 -36
- package/dist/providers/anthropic.js.map +0 -1
- package/dist/providers/bedrock.d.ts +0 -39
- package/dist/providers/bedrock.js +0 -56
- package/dist/providers/bedrock.js.map +0 -1
- package/dist/providers/gemini.d.ts +0 -17
- package/dist/providers/gemini.js +0 -262
- package/dist/providers/gemini.js.map +0 -1
- package/dist/providers/ollama.d.ts +0 -13
- package/dist/providers/ollama.js +0 -20
- package/dist/providers/ollama.js.map +0 -1
- package/dist/providers/openai.d.ts +0 -21
- package/dist/providers/openai.js +0 -9
- package/dist/providers/openrouter.d.ts +0 -16
- package/dist/providers/openrouter.js +0 -24
- package/dist/providers/openrouter.js.map +0 -1
- package/dist/providers/vertex.d.ts +0 -42
- package/dist/providers/vertex.js +0 -68
- package/dist/providers/vertex.js.map +0 -1
- package/dist/sandbox-9qeMTNrD.d.ts +0 -126
- package/dist/types-CD0rUKKT.d.ts +0 -109
- package/dist/uuid-RVN2T26F.js.map +0 -1
- package/dist/zod-7YXKWYMC.js.map +0 -1
- /package/dist/{chunk-DGUM43GV.js.map → client-JJFLE6RT.js.map} +0 -0
- /package/dist/{client-CRRO2376.js.map → history-snip-HAWNAYKY.js.map} +0 -0
- /package/dist/{history-snip-64GYP4ZL.js.map → lsp-3APWNKB2.js.map} +0 -0
- /package/dist/{lsp-PS3BWIHC.js.map → manager-Z5EQ7YYV.js.map} +0 -0
- /package/dist/{manager-DLXK63XC.js.map → mcp-auth-NOIQPF7W.js.map} +0 -0
- /package/dist/{mcp-auth-AEI2R4ZC.js.map → provider-factory-KNBSHXJ6.js.map} +0 -0
- /package/dist/{provider-factory-TUHU3DIG.js.map → render-4VEODRK7.js.map} +0 -0
- /package/dist/{providers/openai.js.map → resolve-AGQZFMKD.js.map} +0 -0
- /package/dist/{render-GRN4ZSSW.js.map → spinner-72JEISPK.js.map} +0 -0
- /package/dist/{resolve-6KUZNEYW.js.map → uuid-CVTNAPEB.js.map} +0 -0
- /package/dist/{spinner-OJNR6NFO.js.map → zod-VKURGPRT.js.map} +0 -0
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import {
|
|
2
|
+
LocalComputer,
|
|
3
|
+
LocalFs
|
|
4
|
+
} from "./chunk-XQTNXRE7.js";
|
|
5
|
+
|
|
6
|
+
// src/virtual/unsandboxed.ts
|
|
7
|
+
function UnsandboxedLocal(opts) {
|
|
8
|
+
const cwd = opts?.cwd;
|
|
9
|
+
return {
|
|
10
|
+
fs: new LocalFs({ basePath: cwd }),
|
|
11
|
+
computer: new LocalComputer({
|
|
12
|
+
defaultCwd: cwd,
|
|
13
|
+
defaultTimeout: opts?.defaultTimeout
|
|
14
|
+
})
|
|
15
|
+
};
|
|
16
|
+
}
|
|
17
|
+
|
|
18
|
+
export {
|
|
19
|
+
UnsandboxedLocal
|
|
20
|
+
};
|
|
21
|
+
//# sourceMappingURL=chunk-BC5BLWBC.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/virtual/unsandboxed.ts"],"sourcesContent":["import { LocalFs } from \"./local-fs.js\";\nimport { LocalComputer } from \"./local-computer.js\";\nimport type { Sandbox } from \"./sandbox.js\";\n\nexport interface UnsandboxedLocalOptions {\n /** Working directory for both file resolution and command execution. */\n cwd?: string;\n /** Default timeout (ms) for shell commands. */\n defaultTimeout?: number;\n}\n\n/**\n * Create a `Sandbox` backed by the host filesystem and shell with **no\n * OS-level isolation**. The agent can access anything the host process can.\n *\n * Use this for development or fully-trusted environments where sandboxing\n * overhead is unwanted. For production use, prefer `LocalSandbox()` (which\n * wraps commands with `@anthropic-ai/sandbox-runtime`).\n */\nexport function UnsandboxedLocal(opts?: UnsandboxedLocalOptions): Sandbox {\n const cwd = opts?.cwd;\n return {\n fs: new LocalFs({ basePath: cwd }),\n computer: new LocalComputer({\n defaultCwd: cwd,\n defaultTimeout: opts?.defaultTimeout,\n }),\n };\n}\n"],"mappings":";;;;;;AAmBO,SAAS,iBAAiB,MAAyC;AACxE,QAAM,MAAM,MAAM;AAClB,SAAO;AAAA,IACL,IAAI,IAAI,QAAQ,EAAE,UAAU,IAAI,CAAC;AAAA,IACjC,UAAU,IAAI,cAAc;AAAA,MAC1B,YAAY;AAAA,MACZ,gBAAgB,MAAM;AAAA,IACxB,CAAC;AAAA,EACH;AACF;","names":[]}
|
|
@@ -1,12 +1,12 @@
|
|
|
1
|
+
import {
|
|
2
|
+
formatZodValidationError
|
|
3
|
+
} from "./chunk-3SK5GCI6.js";
|
|
1
4
|
import {
|
|
2
5
|
IMAGE_EXTENSIONS,
|
|
3
6
|
compressImageBufferWithTokenLimit,
|
|
4
7
|
createImageMetadataText,
|
|
5
8
|
maybeResizeAndDownsampleImageBuffer
|
|
6
|
-
} from "./chunk-
|
|
7
|
-
import {
|
|
8
|
-
formatZodValidationError
|
|
9
|
-
} from "./chunk-3SK5GCI6.js";
|
|
9
|
+
} from "./chunk-HQISH4D7.js";
|
|
10
10
|
import {
|
|
11
11
|
contentToString
|
|
12
12
|
} from "./chunk-JACGEMTF.js";
|
|
@@ -1316,7 +1316,7 @@ var writeFileTool = {
|
|
|
1316
1316
|
message: "Error: UNC paths are not allowed"
|
|
1317
1317
|
};
|
|
1318
1318
|
}
|
|
1319
|
-
if (isDangerousPath(filePath, ctx.cwd)) {
|
|
1319
|
+
if (isDangerousPath(filePath, ctx.cwd, ctx.dotDirResolver?.config.names)) {
|
|
1320
1320
|
return {
|
|
1321
1321
|
behavior: "ask",
|
|
1322
1322
|
message: `Write targets sensitive path: ${filePath}`,
|
|
@@ -1544,7 +1544,7 @@ var editFileTool = {
|
|
|
1544
1544
|
message: "Error: UNC paths are not allowed"
|
|
1545
1545
|
};
|
|
1546
1546
|
}
|
|
1547
|
-
if (isDangerousPath(filePath, ctx.cwd)) {
|
|
1547
|
+
if (isDangerousPath(filePath, ctx.cwd, ctx.dotDirResolver?.config.names)) {
|
|
1548
1548
|
return {
|
|
1549
1549
|
behavior: "ask",
|
|
1550
1550
|
message: `Edit targets sensitive path: ${filePath}`,
|
|
@@ -2768,7 +2768,7 @@ function resolveAutoModeDecision(params) {
|
|
|
2768
2768
|
}
|
|
2769
2769
|
|
|
2770
2770
|
// src/permissions/pipeline.ts
|
|
2771
|
-
var
|
|
2771
|
+
var BASE_DANGEROUS_PATH_PATTERNS = [
|
|
2772
2772
|
/(?:^|\/)\.git(?:\/|$)/,
|
|
2773
2773
|
/(?:^|\/)\.bashrc$/,
|
|
2774
2774
|
/(?:^|\/)\.bash_profile$/,
|
|
@@ -2780,14 +2780,23 @@ var DANGEROUS_PATH_PATTERNS = [
|
|
|
2780
2780
|
/(?:^|\/)\.npmrc$/,
|
|
2781
2781
|
/(?:^|\/)\.vscode(?:\/|$)/,
|
|
2782
2782
|
/(?:^|\/)\.idea(?:\/|$)/,
|
|
2783
|
-
/(?:^|\/)\.claude(?:\/|$)/,
|
|
2784
|
-
/(?:^|\/)\.noumen(?:\/|$)/,
|
|
2785
2783
|
/(?:^|\/)\.gitconfig$/,
|
|
2786
2784
|
/(?:^|\/)\.gitmodules$/,
|
|
2787
2785
|
/(?:^|\/)\.mcp\.json$/,
|
|
2788
2786
|
/(?:^|\/)\.ripgreprc$/,
|
|
2789
2787
|
/(?:^|\/)\.noumen\.json$/
|
|
2790
2788
|
];
|
|
2789
|
+
var DEFAULT_PROTECTED_DOT_DIRS = [".noumen", ".claude"];
|
|
2790
|
+
function escapeForRegex(value) {
|
|
2791
|
+
return value.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
|
|
2792
|
+
}
|
|
2793
|
+
function buildDangerousPathPatterns(dotDirNames) {
|
|
2794
|
+
const names = dotDirNames && dotDirNames.length > 0 ? dotDirNames : DEFAULT_PROTECTED_DOT_DIRS;
|
|
2795
|
+
const dotDirPatterns = names.map(
|
|
2796
|
+
(name) => new RegExp(`(?:^|\\/)${escapeForRegex(name)}(?:\\/|$)`)
|
|
2797
|
+
);
|
|
2798
|
+
return [...BASE_DANGEROUS_PATH_PATTERNS, ...dotDirPatterns];
|
|
2799
|
+
}
|
|
2791
2800
|
async function resolvePermission(tool, input, ctx, permCtx, opts) {
|
|
2792
2801
|
const toolName = tool.name;
|
|
2793
2802
|
const contentHint = extractContentHint(tool, input);
|
|
@@ -2852,7 +2861,7 @@ async function resolvePermission(tool, input, ctx, permCtx, opts) {
|
|
|
2852
2861
|
}
|
|
2853
2862
|
}
|
|
2854
2863
|
const dangerousFilePath = typeof input.file_path === "string" ? input.file_path : typeof input.path === "string" ? input.path : void 0;
|
|
2855
|
-
if (dangerousFilePath && isDangerousPath(dangerousFilePath, ctx.cwd)) {
|
|
2864
|
+
if (dangerousFilePath && isDangerousPath(dangerousFilePath, ctx.cwd, permCtx.dotDirNames)) {
|
|
2856
2865
|
return {
|
|
2857
2866
|
behavior: "ask",
|
|
2858
2867
|
message: `Path "${dangerousFilePath}" targets a sensitive location.`,
|
|
@@ -2865,7 +2874,7 @@ async function resolvePermission(tool, input, ctx, permCtx, opts) {
|
|
|
2865
2874
|
const tokens = sub.trim().split(/\s+/);
|
|
2866
2875
|
for (const token of tokens) {
|
|
2867
2876
|
if (token.startsWith("-")) continue;
|
|
2868
|
-
if (isDangerousPath(token, ctx.cwd)) {
|
|
2877
|
+
if (isDangerousPath(token, ctx.cwd, permCtx.dotDirNames)) {
|
|
2869
2878
|
return {
|
|
2870
2879
|
behavior: "ask",
|
|
2871
2880
|
message: `Bash command references sensitive path "${token}".`,
|
|
@@ -3053,18 +3062,19 @@ async function resolvePermission(tool, input, ctx, permCtx, opts) {
|
|
|
3053
3062
|
}
|
|
3054
3063
|
return finalAsk;
|
|
3055
3064
|
}
|
|
3056
|
-
function isDangerousPath(filePath, basePath) {
|
|
3065
|
+
function isDangerousPath(filePath, basePath, dotDirNames) {
|
|
3057
3066
|
const base = basePath ?? process.cwd();
|
|
3058
3067
|
const resolved = path5.resolve(base, filePath);
|
|
3059
3068
|
const relative2 = path5.relative(base, resolved);
|
|
3060
3069
|
const candidate = (relative2.startsWith("..") ? resolved.replace(/^\/+/, "") : relative2).toLowerCase();
|
|
3061
|
-
|
|
3070
|
+
const patterns = buildDangerousPathPatterns(dotDirNames);
|
|
3071
|
+
if (patterns.some((p) => p.test(candidate))) return true;
|
|
3062
3072
|
try {
|
|
3063
3073
|
const realPath = fs2.realpathSync(resolved);
|
|
3064
3074
|
if (realPath !== resolved) {
|
|
3065
3075
|
const realRelative = path5.relative(base, realPath);
|
|
3066
3076
|
const realCandidate = (realRelative.startsWith("..") ? realPath.replace(/^\/+/, "") : realRelative).toLowerCase();
|
|
3067
|
-
if (
|
|
3077
|
+
if (patterns.some((p) => p.test(realCandidate))) return true;
|
|
3068
3078
|
}
|
|
3069
3079
|
} catch {
|
|
3070
3080
|
}
|
|
@@ -3109,4 +3119,4 @@ export {
|
|
|
3109
3119
|
resolveToolFlag,
|
|
3110
3120
|
ToolRegistry
|
|
3111
3121
|
};
|
|
3112
|
-
//# sourceMappingURL=chunk-
|
|
3122
|
+
//# sourceMappingURL=chunk-CX4BL6PC.js.map
|